mirror/fenom
1
0
Fork 0
mirror of https://github.com/fenom-template/fenom.git synced 2023-08-10 21:13:07 +03:00
Code Issues Projects Releases Wiki Activity

Update Fenom.php

Browse Source
This commit is contained in:
Anton 2022-06-12 11:46:43 +03:00 committed by GitHub
parent 79283c6f7f
commit 5e14c6bf90
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/Fenom.php
View File

@ -782,16 +782,30 @@ class Fenom
public function isAllowedFunction($function)
{
$function = (string) $function;
$allow = ($this->_options & self::DENY_NATIVE_FUNCS)
? isset($this->_allowed_funcs[$function])
: function_exists($function);
return $allow && !in_array($function, $this->getDisabledFuncs(), true);
}
/**
* Returns the disabled PHP functions.
*
* @return string[]
*/
protected function _getDisabledFuncs()
{
if (!is_array($this->_disabled_funcs)) {
$disabled = ini_get('disable_functions');
$this->_disabled_funcs = empty($disabled) ? [] : explode(',', $disabled);
// adds execution functions to disabled for security
$this->_disabled_funcs = array_merge(
empty($disabled) ? [] : explode(',', $disabled),
array('exec', 'system', 'passthru', 'shell_exec', 'pcntl_exec', 'proc_open', 'popen'),
array('call_user_func', 'call_user_func_array')
);
}
if ($this->_options & self::DENY_NATIVE_FUNCS) {
return isset($this->_allowed_funcs[$function]) && !in_array($function, $this->_disabled_funcs, true);
}
return function_exists($function) && !in_array($function, $this->_disabled_funcs, true);
return $this->_disabled_funcs;
}
/**